Details of VAR-202210-0537

ID

VAR-202210-0537

CVE

CVE-2022-38371

TITLE

Resource Exhaustion Vulnerability in Multiple Siemens Products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018827

DESCRIPTION

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet) (All versions), APOGEE PXC Compact (BACnet) (All versions < V3.5.7), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.21), APOGEE PXC Modular (BACnet) (All versions < V3.5.7), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.21), Desigo PXC00-E.D (All versions >= V2.3), Desigo PXC00-U (All versions >= V2.3), Desigo PXC001-E.D (All versions >= V2.3), Desigo PXC100-E.D (All versions >= V2.3), Desigo PXC12-E.D (All versions >= V2.3), Desigo PXC128-U (All versions >= V2.3), Desigo PXC200-E.D (All versions >= V2.3), Desigo PXC22-E.D (All versions >= V2.3), Desigo PXC22.1-E.D (All versions >= V2.3), Desigo PXC36.1-E.D (All versions >= V2.3), Desigo PXC50-E.D (All versions >= V2.3), Desigo PXC64-U (All versions >= V2.3), Desigo PXM20-E (All versions >= V2.3), Nucleus NET for Nucleus PLUS V1 (All versions < V5.2a), Nucleus NET for Nucleus PLUS V2 (All versions < V5.4), Nucleus ReadyStart V3 V2012 (All versions < V2012.08.1), Nucleus ReadyStart V3 V2017 (All versions < V2017.02.4), Nucleus Source Code (All versions including affected FTP server), TALON TC Compact (BACnet) (All versions < V3.5.7), TALON TC Modular (BACnet) (All versions < V3.5.7). The FTP server does not properly release memory resources that were reserved for incomplete connection attempts by FTP clients. This could allow a remote attacker to generate a denial of service condition on devices that incorporate a vulnerable version of the FTP server. Nucleus NET , Nucleus ReadyStart V3 , Nucleus Source Code A resource exhaustion vulnerability exists in several Siemens products.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2022-38371 // JVNDB: JVNDB-2022-018827

AFFECTED PRODUCTS

vendor:	siemens	model:	apogee modular equiment controller	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo pxc36.1-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc200-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	apogee modular building controller	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo pxc22.1-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc001-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	nucleus readystart v3	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo pxc64-u	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	talon tc compact	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo pxc00-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	nucleus net	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	apogee pxc compact	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	desigo pxc12-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc50-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc128-u	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc00-u	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	apogee pxc modular	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	nucleus source code	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	desigo pxm20-e	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc100-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	siemens	model:	desigo pxc22-e.d	scope:	lte	version:	2.3	Trust: 1.0
vendor:	シーメンス	model:	apogee pxc compact	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc001-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc12-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	apogee modular building controller	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	apogee modular equiment controller	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxm20-e	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc00-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc64-u	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc36.1-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc00-u	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc22.1-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc22-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	apogee pxc modular	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	nucleus net	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	nucleus source code	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc50-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	nucleus readystart v3	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc200-e.d	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc128-u	scope:	-	version:	-	Trust: 0.8
vendor:	シーメンス	model:	desigo pxc100-e.d	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-018827 // NVD: CVE-2022-38371

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-38371
value:	HIGH
Trust: 1.0
productcert@siemens.com:	CVE-2022-38371
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-38371
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202210-513
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-38371
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-38371
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018827 // CNNVD: CNNVD-202210-513 // NVD: CVE-2022-38371 // NVD: CVE-2022-38371

PROBLEMTYPE DATA

problemtype:	CWE-400	Trust: 1.0
problemtype:	CWE-401	Trust: 1.0
problemtype:	Resource exhaustion (CWE-400) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018827 // NVD: CVE-2022-38371

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202210-513

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202210-513

PATCH

title:

Siemens Nucleus NET and Nucleus ReadyStart Remediation of resource management error vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=210594

Trust: 0.6

sources: CNNVD: CNNVD-202210-513

EXTERNAL IDS

db:	NVD	id:	CVE-2022-38371	Trust: 3.2
db:	SIEMENS	id:	SSA-313313	Trust: 2.4
db:	SIEMENS	id:	SSA-935500	Trust: 2.4
db:	ICS CERT	id:	ICSA-22-286-07	Trust: 1.4
db:	ICS CERT	id:	ICSA-22-286-12	Trust: 1.4
db:	JVN	id:	JVNVU92214181	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-018827	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.5099	Trust: 0.6
db:	CNNVD	id:	CNNVD-202210-513	Trust: 0.6

sources: JVNDB: JVNDB-2022-018827 // CNNVD: CNNVD-202210-513 // NVD: CVE-2022-38371

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-313313.pdf	Trust: 2.4
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-935500.pdf	Trust: 2.4
url:	https://cert-portal.siemens.com/productcert/html/ssa-313313.html	Trust: 1.0
url:	https://cert-portal.siemens.com/productcert/html/ssa-935500.html	Trust: 1.0
url:	https://jvn.jp/vu/jvnvu92214181/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-38371	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-07	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-286-12	Trust: 0.8
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-286-07	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-38371/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5099	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-286-12	Trust: 0.6

sources: JVNDB: JVNDB-2022-018827 // CNNVD: CNNVD-202210-513 // NVD: CVE-2022-38371

CREDITS

Siemens reported this vulnerability to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202210-513

SOURCES

db:	JVNDB	id:	JVNDB-2022-018827
db:	CNNVD	id:	CNNVD-202210-513
db:	NVD	id:	CVE-2022-38371

LAST UPDATE DATE

2024-08-14T12:05:51.421000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2022-018827	date:	2023-10-23T08:12:00
db:	CNNVD	id:	CNNVD-202210-513	date:	2023-02-15T00:00:00
db:	NVD	id:	CVE-2022-38371	date:	2024-05-14T16:15:25.167

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2022-018827	date:	2023-10-23T00:00:00
db:	CNNVD	id:	CNNVD-202210-513	date:	2022-10-11T00:00:00
db:	NVD	id:	CVE-2022-38371	date:	2022-10-11T11:15:10.297